Published: 08/01/2019 Updated: 24/08/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office online server -
microsoft office word viewer -
microsoft word 2013
microsoft word 2016
microsoft sharepoint server 2013
microsoft sharepoint server 2016
microsoft sharepoint server 2019
microsoft word 2010
microsoft office 2010
microsoft office 2016
microsoft office 2019
microsoft word automation services -
microsoft office web apps server 2010
microsoft office 365 proplus -

Welcome to 2019: Your Exchange server can be pwned by an email (and other bugs need fixing)

The Register • Shaun Nichols in San Francisco • 08 Jan 2019

Hyper-V, DHCP, Word, and more. Plus, bonus shock: Adobe spares Flash in January patch dump

Patch Tuesday Microsoft has released the first Patch Tuesday bundle of the year, patching up 49 CVE-listed security vulnerabilities and issuing two advisories. The January edition of Patch Tuesday includes critical fixes for Windows 10, Exchange Server, and Hyper-V. Among the 49 bug fixes were patches for remote code execution flaws in DHCP (CVE-2019-0547) and an Exchange memory corruption flaw (CVE-2019-0586) that Trend Micro ZDI researcher Dustin Childs warns is particularly dangerous as it ca...

CVE-2019-0585

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect